2 min read

E-learning Platform Exposes Personal Information of Over 1 Million North American Students

Alina BÎZGĂ

June 29, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
E-learning Platform Exposes Personal Information of Over 1 Million North American Students

Security researchers have recently discovered a leaky database belonging to the e-learning platform One Class, a remote learning tool that provides educational assistance and study guides to millions of North American students.

Uncovered by vpnMentor researchers during a routine Internet scan, the 27GB database includes 8.9 million records, and is estimated to have improperly stored personal information of more than 1 million students, including those who had their membership rejected by the platform.

The exposed records contained personal identifiable information (PII) including full names, email addresses (some masked), schools and universities attended, phone numbers, course enrollment data, and OneClass account details.

Researchers noted that some of the information could even be linked to minors, since the e-learning platform allows students as young as 13 to register. Additionally, some of the findings include educational data such as faculty details and access different textbooks and online exercises.

The investigators contacted the company on May 25, and OneClass was able to secure the server within 24 hours. However, the company denied any impact, claiming that it was a test server, and the data could not be linked to actual students.

“In response, OneClass immediately secured the database but claimed that it was a test server, and any data stored within had no relation to real individuals,” researchers said. “However, during our investigation, we had used publicly available information to verify a small sample of records in the database. Taking the PII data from numerous records, we found the social profiles of lecturers and other users on various platforms that matched the records in OneClass”s database.”

You can also check if your private data has been exposed online! Use Bitdefender”s Digital Identity Protection tool to see where you stand at the moment and what the internet knows about you.

Company officials provided no additional comments or statements. Since it is not clear if any malicious actor also found the data, the extent of the data breach can only be speculated.

If bad actors had managed to steal the information, more than 1 million students could be at risk. Using the information available, criminals could easily deploy a phishing campaign aimed at stealing credit card information of paying members.

“OneClass users are very young – including minors – and will generally be unaware of most criminal schemes and frauds online,” the researchers added. “This makes them particularly vulnerable targets. It”s also likely many of them use their parent”s credit cards to sign up, exposing their whole family to risk”.

Malicious links embedded with various forms of malware could also be sent to unsuspecting students, potentially rendering their devices useless or encrypting their files unless ransom is paid.

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Parents’ Credit Card Info Stolen in Australian High School Hack Parents’ Credit Card Info Stolen in Australian High School Hack
Alina BÎZGĂ

January 31, 2023

1 min read
Data breaches affected over 422 million people in 2022, Identity Theft Resource Center says Data breaches affected over 422 million people in 2022, Identity Theft Resource Center says
Alina BÎZGĂ

January 30, 2023

2 min read
Dutch hacker arrested for allegedly selling data of 9.1 million Austrian citizens Dutch hacker arrested for allegedly selling data of 9.1 million Austrian citizens
Alina BÎZGĂ

January 27, 2023

2 min read